Consent: Add support for displaying a link to a privacy policy in the consent page.

Thanks to Harald Hannelius for the original patch. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@696 44740490-163a-0410-bde0-09ae8108e29a

Consent: Add support for displaying a link to a privacy policy in the consent page.
932f71bc · Olav Morken · 1ed490e3 · 932f71bc · 932f71bc · 932f71bc
Commit 932f71bc authored 16 years ago by Olav Morken
--- a/dictionaries/consent.php
+++ b/dictionaries/consent.php
@@ -79,6 +79,11 @@ $lang = array(
 		'hr' => 'Tijekom procesa prijavljivanja vaša matična ustanova će servisu poslati atribute koji sadrže podatke o vašem identitetu. Slažete li se s time?',
 		'hu' => 'Az azonosítás során az azonosító szolgáltató személyes adatokat fog küldeni ennek a szolgáltatásnak. Engedélyezi?',
 	),
+	'consent_privacypolicy' => array (
+		'en' => 'Privacypolicy for the service',
+		'sv' => 'Registerbeskrivning för tjänsten',
+		'fi' => 'Tietosuojaseloste palvelulle',
+	),
 	'login' => array (
 		'no' => 'innlogging',
 		'nn' => 'Logg inn',

--- a/docs/source/simplesamlphp-idp.xml
+++ b/docs/source/simplesamlphp-idp.xml
@@ -541,6 +541,17 @@ openssl x509 -req -days 60 -in server2.csr -signkey server2.key -out server2.crt
              page.</para>
            </glossdef>
          </glossentry>
+          <glossentry>
+            <glossterm>privacypolicy</glossterm>
+            <glossdef>
+              <para>This is an absolute URL for where an user can find a
+              privacypolicy. If set, this will be shown on the consent page.
+              <literal>%SPENTITYID%</literal> in the URL will be replaced with
+              the entity id of the service the user is accessing.</para>
+            </glossdef>
+          </glossentry>
        </glosslist>
      </section>
@@ -854,6 +865,17 @@ openssl x509 -req -days 60 -in server2.csr -signkey server2.key -out server2.crt
              <literal>FALSE</literal> by default.</para>
            </glossdef>
          </glossentry>
+          <glossentry>
+            <glossterm>privacypolicy</glossterm>
+            <glossdef>
+              <para>This is an absolute URL for where an user can find a
+              privacypolicy for this SP. If set, this will be shown on the
+              consent page. <literal>%SPENTITYID%</literal> in the URL will be
+              replaced with the entity id of this service provider.</para>
+            </glossdef>
+          </glossentry>
        </glosslist>
      </section>
    </section>

--- a/templates/default/consent.php
+++ b/templates/default/consent.php
@@ -11,6 +11,12 @@
 		<?php echo htmlspecialchars($this->t('consent_accept')) ?> 
 		</p>
+		<?php if ($this->data['sppp'] !== FALSE) {
+			echo "<p>" . htmlspecialchars($this->t('consent_privacypolicy')) . " ";
+			echo "<a target='_new_window' href='" . htmlspecialchars($this->data['sppp']) . "'>" . htmlspecialchars($this->t('spname')) . "</a>";
+			echo "</p>";
+		} ?>
 		<form style="display: inline" action="<?php echo htmlspecialchars($this->data['consenturl']); ?>">
 			<input type="submit" value="<?php echo htmlspecialchars($this->t('yes')) ?>" />
 			<input type="hidden" name="consent" value="<?php echo htmlspecialchars($this->data['consent_cookie']); ?>" />

--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -282,6 +282,20 @@ if($needAuth && !$isPassive) {
 				$t->data['consent_cookie'] = $requestcache['ConsentCookie'];
 				$t->data['usestorage'] = $consent->useStorage();
 				$t->data['noconsent'] = '/' . $config->getBaseURL() . 'noconsent.php';
+				if (array_key_exists('privacypolicy', $spmetadata)) {
+					$privacypolicy = $spmetadata['privacypolicy'];
+				} elseif (array_key_exists('privacypolicy', $idpmetadata)) {
+					$privacypolicy = $idpmetadata['privacypolicy'];
+				} else {
+					$privacypolicy = FALSE;
+				}
+				if($privacypolicy !== FALSE) {
+					$privacypolicy = str_replace('%SPENTITYID%', urlencode($spentityid),
+						$privacypolicy);
+				}
+				$t->data['sppp'] = $privacypolicy;
 				$t->show();
 				exit;
 			}

--- a/www/shib13/idp/SSOService.php
+++ b/www/shib13/idp/SSOService.php
@@ -194,6 +194,20 @@ if (!$session->isAuthenticated($authority) ) {
 				$t->data['consent_cookie'] = $requestcache['ConsentCookie'];
 				$t->data['usestorage'] = $consent->useStorage();
 				$t->data['noconsent'] = '/' . $config->getBaseURL() . 'noconsent.php';
+				if (array_key_exists('privacypolicy', $spmetadata)) {
+					$privacypolicy = $spmetadata['privacypolicy'];
+				} elseif (array_key_exists('privacypolicy', $idpmetadata)) {
+					$privacypolicy = $idpmetadata['privacypolicy'];
+				} else {
+					$privacypolicy = FALSE;
+				}
+				if($privacypolicy !== FALSE) {
+					$privacypolicy = str_replace('%SPENTITYID%', urlencode($spentityid),
+						$privacypolicy);
+				}
+				$t->data['sppp'] = $privacypolicy;
 				$t->show();
 				exit;
 			}